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(57) Abstract 

In a method and a de- 
vice for partial encryption and 
progressive transmission of im- 
ages, a first section of the im- 
al We is compressed at reduced 

quality without decryption and 
Second section of the .mage 
file is encrypted. 
access to appmpnare decrypuon 
kevwocds can decrypt this sec- 
oTsection. Thefirst^ 
together with the decrypted sec- 
^ section can then be v,ew«i 

as a full quality image. The stor- 
age space required for stonng the 
first and section together is 
sentially the same as the stor- 
age space required for stonng 
4 unencrypted full vfV ™ 
at By using the memod and 
dtv'ice as described herein stor- 
age and bandwidth requirements 
to partially encrypted images. s 
reduced. Furthermore, object 
based composition and process- 

"Tof encrypted objects are fa- Armn « sa and restored in the compressed domain. 
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A METHOD WD A DEVICE FOR ENCRYPTION OF IMAGES 

TECHNICAL FIELD ^ ^.^ fQr 

The present invention relates 
encrypting images. 

ttACKGROOND OF THE INVENTION AND PRIOR ART 

BACKGROUND O techni cal field which becomes 

Encryption of digital data is^ informat ion or 

^nnrtant when transmitting ana sconuy 

important available to a user paying for 

information which only snaix 4 . - 

^information. Thus, several methods for encrypts aortal 

are in f recent use. such methods can also be applied also 

to digital image data. Espies of encryption methods are ' 

triple DBS and the public-key RSA method. 

» servers and distributed over a 

Digital images can be stored » -™ ^ can also 

telecommunication networkas^g ^ ^ & 

- distributed usrng a physical s ^ ^ ^ 

service provr *»~-^* „ t it migll t be suitable to 
their busrness model. In thr ^ ^ 

„ £ fer partial access to one set ^ ^ fce 

— ^o Levant all users from having full access 

to all image data. 

be offered for sale on the Internet. 
Ne ws P^™^ l^ ts to allow customers to download a 
The service provider wan . for evaluation, 

version of the image with reduced quality t ^ 

, t ha t want to publish an image, pay tor 
™en'al"o download a full guality imege. 

Hw eve, such a service provider wants. 

and download bit rates. An imag P ^ ^ ^ ^ g . ven 

-r, ™ rr. s^. -« ■• ••• - 

quality, efficiently as possible, 

space on the CD-ROM as efficiently 
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It is also essential that customers always can access xmages 
using user friendly, standardise* software, image probers are 
reluctant to design and support special image vxewers and 
customers don't want a proliferation of viewing tools. 

Presently. image providers have to store two versions of the 
images stored. The full quality version is stored as an 
encrypted image file. This means that the image 
compressed and stored in a compressed file format such as JPEG 
TgXF. The compressed file is then encrypted usxng a suitable 
encryption tool and an encrypted image file is stored The user 
musffirst decrypt this file and then access the -sultxng 
compressed image file using en image viewing tool Reduced 
e^ality images ere produced by processing the full quality ^ 
Hges in an image editing program. They are stored as separate 
compressed image files. 

The problems with this solution are that at least two different 
The problem ^ ^ ^ both 

versions of the same inny k in case of 

• = nm*t also be transmitted over the networK in 
versions must also oe u WMt s to see the free 

• caS e a customer first wanes w 

remote access in the case a resolution 
low resolution image before paying for the full 

version. 

.^tfieant disadvantage if the reduced 
This results xn a sxgnxfxcan i]nage 

version image contarns a large E"" 1 " oarMl , woula 

formation. Images that ™ H Lr^ good quality 
in particular b« ^provx ded for pr^ ^ o£ 
sinC e journal edxtors - t £or 

the image content and accepts y , ea uire 10-50% of the 

printing. The reduced quality -age could requx 
storage space of the full quality image. 

-ml image coding standard JPEG 2000, 
Pu.thermore. the ^ergrng s txll ^ , ed .,, JPEG 20 00 

which is descrxbed xn Charxl ^ 
verification Model Versxon 2.0. coding 
£uncti onalitxes in ^-^^ ^thods for creating a 

sr^'-rs^ — — - awii " cion ™ 
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can select a suitable progression mode Indrvrdua 3 ects 
within images can be accessed separately .» the JPEG 2000 
bitstream and progressive transmission can be applied also to 
cbjects. rn J»> 3000 there is also support for independently 
decodable coding units. 

SUMMARY _ 
It is an object of the present invention to overcome the 
problems as outlined above and in particular to reduce the 
Tount of memory retired for storing an image, which partially 
shall be possible to view, and also to reduce transmxssaon time 
in a transmission scheme transmitting partially encrypted 
images • 

T11 is object and others are obtained by a technique for partial 
!Tcryption and progressive transmission of images where a first 
section of the image file can be decompressed at reduced qualrty 
without decryption, i.e. the first low quality ««. « not 
encrypted, and where a second section of the rmage file rs 
encrypted . 

Thu s, users having access to ^^J^^T^ Z 
decrypt this second seccron. The frrst sec , 
decrypted second section can then ™» e £ . rsc ^ 

Image. The storage ^ storage spa ce 

required for ion „ ay , depending on the 

-T a slight expansion of the second 

rctfor^ ^unencrypted second section. 

■ can also be partitioned into multiple sections where 

The image can also be P ^dividual encryption 

each section may be encrypted ^encrypted. 
me thod and Keyword, some ^"^Z\s described 

possioxe u f _ .__ eI1 tropy decoding, 

domain without performing entropy 
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A reduced quality image can be produced according to several 

different main schemes, such as: 

l) Reduced resolution ■ 

a , Reduced accuracy of the transform ~«"«*"- 

3) Exclusion of predefined regions of interest (ROD 

.hods can be combined so that a reduced quality image is 
Tuese methods can be como resoluti on and the accuracy 

e.g. produced by reducing both the resolution 
of the transform coefficients . 

„ using the method and device for storing and transmitting 
!Lge data as described herein, several advantages are obtained. 
C there is no need to store two different versions of an 

if different users are to have access to different quality 
image if dl££ ^ " transmission times become much 

of the one and same image. Also. resolution, 
lower if the information content of J~ r resolution 

i^ge data can be reused when transmitting the higher 

image data. 

I!th reference to the accompanying drawings, in which. 

. Fig. 1 is a general view of the file ZZZ' « 

. Figs. 2a and 2b shows encryption of images cod 

•nr. st. — — ~- — d ° ut 

"tgTTf o^raTlllustrating a client server process. 
- Fi g. 5 is a view of an encryption header 

DETAILED DESCRIPTION structure of an original, 

m Fig. 1. a general view of the fil ^ ^ 

hi gh resolution. ^ " decodable coding 

consists of a number of e l££ere " £ '/structure shown in Fig. 
sections 101, 103 and 10S. » f ^ version of a high 

x , the section 101 which is a^ ^ ^ 

resolution image, is coq 
be possible to decode by any receiver. 
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„ A -.*~ which combined with the 
«iu. sec tion 103, which comprises data, wmcn co 
The section x . resolution version of 

data of section 101, result in = en crvotion 

the high resolution image, is encrypted using a first encryptio 
!>, a and only receivers having access to the correct 

Z will he ahle to decode the data stored in the 

section 103 . 

. „_ j-*.. which combined with the 
_ 105 , which comprises data, wmcu 

of section «! and 103 results in a Ul resolution version 
* the nigh resolution i»age. is encrypted usin g e second 
eL^t"! .ethod. and only reoeivers having access to the 
™tion *ey will he ahle to decode the date stored » the 
section 105- 

^ decoding of the section ^ o£ the 

frTtle seotfons id and 103 result in a full resolution ^ 
115. 

^ore. lamentation in the ^ ^^S^ 
X of progressive .odes can he supported. 

. JPE C 3000 verification *odel ,0 ^ ^^.^ - 

the hitstrea. ^^^l he'descrihed as any 
sul ,band. in general, a coding lntonn ation. The general 

^endently ^^V^ order is to include so 

Sr^T^ ^rs^LTiU^order is 
sufficient to specify the suhban » „ che heade r that 

are needed for inserting explicit tags. 
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In rigs 2a and 2b block diagrams describing bow encryption can 
be implemented in tbe JFEG 2000 encoder and decoder 
respectively, are sbown. 

Thus in Fig 2a a block diagram where encryption is performed 
after entropy coding in the encoder is shown. Coding units enter 
^ entropy coding block 201. In the block 201 coding the coding 
ItraTentropy coded using some suitable entropy cod. The 
output from the block 20!. fed t 
suitable encryption method for each entropy 

some coding units can be selected to not be encrypted at all. 

in response to the selection made in the selector 203 the 
entropy coded coding units are encrypted in a block 205. The 
encrypted coding units together with the not encrypted cod^g 
^ then form a combined output data stream, which can be 
stored or transmitted. 

la Fig 2b a decoder for decoding the bit stream generated by 

J\ in Fig 2a is shown. Thus, first encrypted and not 
t-he encoder m rig. x<=> -i A -*.rvr 9 m 

which selects a recei ved coding unit is not 

coded coding unit, or if tne rece 

encrypted it is directly transmitted to a block 255. 

In response to the selection made in the ^^^f^ a 
entropy coded coding units are deer* ^ £ a^b ^ _ 

citable -^-^Tlm^^» «» U "" S 
Chen fed to the block 255. In the decty ption 

Ir om fed directly from ££ZTJ£Z to £or m a combined 
block 253 are entropy decoded and c ^ £ed 

output data stream corresponding to the data 
to the entropy coding block 201 in Fig. 2a. 

■ ►>,. transmission scheme as shown in the 
Each coding unit in the transmr encrypted block. 

Figs . 2a and 2b is separately with any user 

Each coding unit can **^*££*L units in the same image 
T ^TeHird "errircryption methods. The 
can be encrypted wim 
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encryption method used can further be an encryption algorithm 
coined with a Keyword or a method for generate Keywords. 

r.-,f-v.„t encryption methods can in such an embodiment have 
Antics "gcTithms but different bywords . Encryption Method 
^criPtion !»D> as shown in Figs. 2a and 2b is any global data 
ST session Keywords or ------ « - ~ - 

in Fig 3, a flow chart illustrating different steps carried out 
"en encrypting an image are shown. First, ina step 30! an 
, mas to b e partially encrypted is received. The image receivea 
rftep 301 Is then coded using a coding algorithm ^neratrng 
independently deeoda*le coding units, e.g. J»> 2000, in a step 



303 



- ,. he cod i n q units of the image coded 
Next, in a step 305, some of the codl ^ encryption method, 

ai -e encrypted using some suitable encrypt 
in step 303 are encryp be encrypted 

nt , c rpHp codincr units tnat axe 
such as MS. Th =0^9 usei pre£e „. Th us. a user can 

« have coailg units corresponding to ROIs, higher order 
chose to have coding un encrypted coding units 

bit -planes. etc. encrypted. fl are merge d into a 

and the coding units which are not encryp 

single bit scream. 

*» transmitting an image en ^ a 

.escribed in function » h Fig.^ ^ ^ _ then ue 

T^Z^ server 4 03 for a particular image, step 



405. 



renlies by transmitting the coding units of the 
The server 403 replies by ^ encrypted 

inage which are not encrypted now will have 

coding units can be decoded by the clie ^ 
access to a low solution vers on or^ pa ^ ^ ^ ^ t 
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client transmits a request to the server requesting such 
information, step 409. 

The server replies by sending a request to the client requesting 
the client to agree to the conditions for transmitting the 
higher resolution version of the image, step 411. If the clxent 
agrees via a message 413, e.g. comprising a card number or 
account number from which to bill the cost for the image, the 
server sends the encrypted coding units together with a key word 
by means of which the encrypted coding units can be decrypted, 
step 415. A secure method for key distribution should be used. 
Espies of such secure methods are described in W. Stalling 
-Data and computer Communications", p 635 -637, Prentice-Hall 
1997 fifth edition ISBN 0-13-571274-2. 

If the client already has access to the unencrypted and 
encrypted coding units, for example if he has purchased a CD-ROM 
images coded as described herein. The scheme as descried 
in conjunction can be modified so that no image data xs 

the server in order to have access to the key worcu i 
required to decrypt the encrypted coding unxts of the CD ROM. 

T ,h. case when the method and device as described herein is 
in the case wnen standard, it 

used when encoding image according to the JPEG 2 °°° 

,c ■; -f the JPEG 2000 standard does not stanaarai^ 
is advantageous xf the JPEt* * included in the 

««-v,^«= An Encryption Header that xs xncxuu<= 
encryptxon methods. An Encryp merged with 

, _ „ nHona llv an Encryptxon Tag that xs meiyc 

units are decrypted. 

in such an embodiment the JPEG 2000 image header contains an 
in such an ^ . f ^ coding mt x5 

Encryp l on Fla ^(EF) ^ ^ be appended to 

encrypted. An f«W encryp tion information can 

the JPEG 2000 xmage header ana enc^yy 
optionally be merged into JPEG 2000 Tags. 

Xn Pig- 5 an encryption beader is shown. ^ Encryption Header 
can in such an embodiment contain the followxng symbols. 
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« * /™\ a cet of standard encryption modes are 
1) Encryption Mode (EM) . A set or *uox .re- 
defined e.g. 

a) One encryption method is used for all coding units 

b) Bitplanes of less significance than bitplane X are encrypted 

c) Subbands of higher resolution than Y are encrypted 

d) ROIs specified in are encrypted, etc. 

No encryption information need to included in the Tags if an EM 
is defined. 

2) Encryption Mode Parameters (BMP). Parameters (X. Y, ...) that 
are used to define the Encryption Mode are set here. 

3) Number of encryption methods used. Several encryption methods 
can be used within the same image if e.g. different user groups 
should be allowed to see different image content. 

M«*.v,«^ n^rribtor (EMD) for each encryption 

4) One Encryption Method Descriptor wwilii 

method The EMD defines any data that is needed by the 

rn ryttion/decryption module. The type of -f^/^^T 

is alined. A typical use of EMD will be to include a .eywor^ 

that is encrypted by a public Key al ^^J^J^ £ 

. t for decrypting the enclosed encrypted Key. 

' : a Lv is useToy a fast decryption algorithm to decrypt 
decrypted key rs us*d Y ^ allooaCes m n ™ber to 

n Tte Mtstrea. „ust ror eac* -^J.^"^ one 

Unit Encryption State iuw»> y encryption header or 

x. -i „«„ih either be collected in tne encryy 
symbols could either o bitstre am as encryption 

alternatively be distributed in the bits header we 

tags. If the OES information is Kept i the « cryp ^ 
d efine a header element - Encryption . State ES) ^ ^ ^ 

a series of UES symbols that are listed in the 
coding units appears in the bit stream. 

„ EF is set and the Encryption State is not given in the 
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unit . 



described above, mey c<ui - 

. rmr ; ate coding units belonging to the ROI tor 

by selecting appropriate coding 

encryption. 

• ^h P shaDe of the ROI might reveal the 

Tbe main problem is that the difficult 
content. If the shapes are encrypted it is, howe , 
to show a reduced quality image since it is difficult to 
interpret the coded transform coefficients. 

ul nM be solve d by defining a so called cloaking 
This P-blem can -1 Y ^ ^ ^ RQIs „ 

shape (c-shape) . Thus, t . g designed to 

. « e^e o £ a c- 

shape is a bounding box. 

• oat in the JPEG 2000 bit 

A c . shape is - - /^ren^tion as .escribe* in 

stream. The c-shape is cod Verific ation Model 

Charilaos Christopoulos led .) > deS cribed therein 



header. 



coefficients belonging to the c P ^ thac 

using the method as descrxhed herein. T ^ 

- ooe ££i o r t S oe = g o z - J* ^ ^ rqis is _ 

by the c-shape are encryp 

protected by encryption. 

T he S ha P e o £ ^^^^^^ °~ 
encryption header. The encr ^ corre s P onding c-shape. 

SUBSTITUTE SHEET (RULE 26) 



PCT/SE99/W106 

WO 00/31964 

K1anlf rea ion The original ROIs can 
T Tdlflbf^ord Is *£L ^ is done by decrypting 

doie in the compressed domain. 

„ ,.*, t is used for encoding a ROI is not uniquely defined 
TZ ™. A nT* t hat is sufficients iar g e so that the ROI 
in JPEG 2 °°° cover the wh ole lower subbands. A 

irtht: i not allowed to expand will lead to a lossy encoding 
of the ROI The masks belonging to different ROIs or to a ROI 
I'he ^ground can be designed to overlap This means that 

a « encoded in more than one ROI. sucn 
3OT Y°1m lead To aTeduced overall egression but the ROIs 
r mfre indePslnt so that an y ROI can be accessed and decoded 
with a good visual result. 

for ROIs described herein is not 
The partial encryption -f-J^"^ as the mask is selected 

dependent of ^^^Tot be'reconstructed from the 
so that the content of a RO r ^ £or build ing a 

content of any other ROI or a describe d in Charrlaos 

Christopoulos (ed.). JPEG ^uu 

By using the method and -^7^" ^ 
nsndwidth ^-^rr^ion and processing of 
.educed. Furthermore. and ROIs can be encrypted, 

encrypted *J~» ^ and the original 

Aiso. the shape of a ROI can jessed domain, 

object can be decrypted and restore 

■ rt,t encryption does not need to be 
mother advantage is that ^ image . Thu9 . since 

performed at the same t— aS °" domain (a t the 

« process taKes £~ » encode all images without 

bitstream syntax) it i P £ormed jus t before 

encryption. The encryption can P „ this case, 

transmitting the image by a parser 

SUBSTITUTE SHEET (BUl£ 26) 
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hit-rate which will be the case 
if the encryption increases the bxtrate, w 

if the encryption is placed xn the T*GS the 

is avoided and the encryption information xs only 

transmitting it- 
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CLAIMS 

x . x M thod of partially encrypting image data comprising the 

^cooing'the iBage data using an encoding algorithm generating 
independently decodable coding units, 

- encrypting at least one of the coding units, and 

- fergfng elding units which are not encrypted wits coding units 
which are encrypted into a combined bitstream. 

2 x method according to claim 1. characterized in that the not 
en^pted coding units correspond to a low resolution version of 
the image data. 

3 A method according to any of claims 1-2. char.cterisedin 
Lt different coding units are encrypted using different coding 
methods - 

« * method according to any of claims 1-3, characterised in 
that an encryption flag, which indicates if a coding unit 
encrypted, is inserted in the bit stream. 

^ ~i ^4™<= i - 4 when information 
.. . meth^ according * .any - 

:r.rr;ei s « - — - - - *— is 

enclosed in a cloaking shape. 

.. a d evice for partial encryption of image data characterised 

"means for coding the ^^^J^^. 
•ZZTJZZZ r^eans for encrypting at least 
one of the coding units and encrypted with 

- *eans for merging codxngunxts vhi bltitritt . 
coding units which are encrypted. 

* Mm6 characterized by means for 
7 . A device according to clal * ' - ts correS ponding 

selecting the not encrypted coding units s um 
Toalow resolution version of the i»age data. 
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8 . h device according to -* <=^ 6 " 7 ' *» 
^ ^-encrypting ^-t coding units using afferent 

coding methods. 

, % device according to eny of oUta. 6 - •. characterised by 

inserting an encryption flag, which indicates if a 
coding unit is encrypted, in the bit stream. 

10 * device according to any of claims 6-9, characterised .by 
»Ls ^enclosing a region of interest shape in a cioa^ng 



shape. 
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